amirmoghi3
/
ops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ops/playbooks/server/addDomainAndEncrypt.yml

75 lines
2.2 KiB
YAML
Raw Blame History

---
- name: letsencrypt
hosts: supermaster
become: yes
tasks:
- name: add domain to nginx with j2 block
template:
src: template/nginx-server-block.j2
dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf
with_items:
- server_name: watchdogs.of.galaxy.igarson.app
server_config: ""
service_port: 9001
conf_file: base.conf
- server_name: storm.of.galaxy.igarson.app
server_config: ""
service_port: 9002
conf_file: base.conf
- server_name: eyes.of.galaxy.igarson.app
server_config: ""
service_port: 9003
conf_file: base.conf
- name: append /tmp/new-nginx-server-block.conf to specific conf
shell: |
cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }}
rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf
with_items:
- server_name: watchdogs.of.galaxy.igarson.app
server_config: ""
service_port: 9001
conf_file: base.conf
- server_name: storm.of.galaxy.igarson.app
server_config: ""
service_port: 9002
conf_file: base.conf
- server_name: eyes.of.galaxy.igarson.app
server_config: ""
service_port: 9003
conf_file: base.conf
- name: encrypt all domains
shell: |
certbot --nginx -d {{item.server_name}} -n --redirect
with_items:
- server_name: watchdogs.of.galaxy.igarson.app
server_config: ""
service_port: 9001
conf_file: base.conf
- server_name: storm.of.galaxy.igarson.app
server_config: ""
service_port: 9002
conf_file: base.conf
- server_name: eyes.of.galaxy.igarson.app
server_config: ""
service_port: 9003
conf_file: base.conf
- name: Reload nginx to activate specified site
service: name=nginx state=restarted
- name: cron job for renew certificates
cron:
name: renew_certificates
special_time: weekly
job: certbot renew --post-hook "systemctl reload nginx"
Reference in New Issue View Git Blame Copy Permalink